Malicious software or "ransomware" has been used in a massive hacking
attack, affecting tens of thousands of computers worldwide. Software
security companies said a ransomware worm called "WannaCry" infected
about 57,000 computer systems in 99 countries on Friday, with Russia,
Ukraine, and Taiwan being the top targets.

The hack forced British hospitals to turn away patients, affected
Spanish companies such as Telefonica, and threw other government
agencies and businesses into chaos.

Description
Ransomware is a programme that gets into your computer, either by
clicking or downloading malicious files. It then holds your data as
ransom.

Some security researchers say the infections in the case of WannaCry
seem to be deployed via a worm, spreading by itself within a network
rather than relying on humans to spread it by clicking on an infected
attachment.

The programme encrypts your files and demands payment in order to
regain access.

Security experts warn there is no guarantee that access will be
granted after payment.

Some forms of ransomware execute programmes that can lock your
computer entirely, only showing a message to make payment in order to
log in again.

Others create pop-ups that are difficult or impossible to close,
rendering the machine difficult or impossible to use.

Impact

WannaCry is a form of ransomware that locks up files on your computer
and encrypts them in a way that you cannot access them anymore. It
targets Microsoft's widely used Windows operating system. When a
system is infected, a pop-up window appears with instructions on how
to pay a ransom amount of $300. The pop-up also features two countdown
clocks; one showing a three-day deadline before the ransom amount
doubles to $600; another showing a deadline of when the target will
lose its data forever.

Payment is only accepted in bitcoin.

The ransomware's name is WCry, but analysts are also using variants
such as WannaCry.

A hacking group called Shadow Brokers released the malware in April
claiming to have discovered the flaw from the US' National Security
Agency (NSA), according cyber-security providers.

As an immediate action, email attachments should be blocked relating
to following files but not limited to .pdf (encapsulating a .js
javascript)/*.hta/.doc macro based Microsoft word) or related
executables.

Prevention:
Have all files backed up in a completely separate system.
This ransomware targets all versions of Windows including Windows XP,
Windows Vista, Windows 7, Windows 8 and Windows 10.
Clients should ensure that they are patched on MS17-010.
Disable the outdated protocol SMBv1.
Isolate unpatched systems from the larger network Recovery:
As of now, there are no know recovery methods available.
Do not try to pay the ransom
Ensure you have smart screen (in Internet Explorer) turned on, which
helps identify reported phishing and malware websites and helps you
make informed decisions about downloads
Have a pop-up blocker running on your web browser
Regularly backup your important files

"....he majority of machines hit
by the WannaCry ransomware worm in the cyber-attack earlier this month were
running Windows 7, security firms suggest.
More than 97% of the infections seen by Kaspersky Lab and 66% of those seen by
BitSight used the older software...."

"...The unprecedented outbreak
of Trojan ransomware WannaCry has created a worldwide plague affecting home
users and businesses. We have already posted some basics about WannaCry, and
in this post we will provide further advice particularly for businesses. It
is urgent and critical to know what WannaCry is, how it spreads, what
dangers it poses, and how to stop it...."

'...The attackers behind WanaCrypt0r/WannaCry were not the only
cybercriminals putting DoublePulsar and EternalBlue to use this weekend,
as Proofpoint spotted the stolen NSA tools being used with the
cryptocurrency miner Adylkuzz......'

'...A bug in Google's popular web browser Chrome could enable bad actors
to place a malicious file onto a target PC that could then be used to
siphon off Windows credentials and initiate a Server Message Block (SMB)
relay attack, according to a post by Bosko Stankovic, an information
security engineer at DefenseCode....'

'....The FBI’s Internet Crime Complaint Center (IC3) issued a public
service announcement earlier this week, urging college students to
remain vigilant of rampant employment scams. According to the PSA,
scammers continue to target students across the US by advertising phony
job opportunities on college employment websites or emailing students’
university accounts....'

'...Monday marks the seven-year anniversary of Bitcoin Pizza Day – the
moment a programmer named Laszlo Hanyecz spent 10,000 bitcoin on two
Papa John's pizzas.

More important than the
episode being widely recognized as the first transaction using the
cryptocurrency is what it tells us about the bitcoin rally that saw it
break through the $2,100 and $2,200 marks on Monday......'

"...In the market for a used
phone? Second-hand devices come with a lower cost, but might have a
suspicious history.

Before purchasing a used smartphone, try make sure it's not actually
registered as lost or stolen.

If you are wandering around with a stolen phone, the original owner might
request it be blocked from carrier networks or locked entirely so you're
unable to use it. There's now a quick way to check a device's status though...."

“..Since researcher Marcus Hutchins (aka MalwareTech) registered a
(previously non-existent) killswitch domain for the malware and stopped
its onslaught, the domain has been under attack by Mirai-powered botnets....”

."...The global WannaCry ransomware attack, which crippled hospitals,
government organizations, companies and individuals around the world,
didn’t have to happen. It was no grand technological feat perpetrated by
genius hacker masterminds. Instead, it took advantage of the lazy,
patchwork way organizations handle security and the seamy roles that the
National Security Agency (NSA) and big tech companies play in
undermining security in the internet age....."